MidTerm Exam Question 7 Describe Replay attack. How would you mitigate it?
Quiz navigation When designing a secure system, you need to think about three aspects. The 2 3 4 5 first
one is security goal. What are the other two? 12 13 14 B SX Finish attempt ... stion Security Goal:
Confidentiality: Information is accessible only to authorized parties Integrity: Data, software, or
hardware remaining unaltered, except by authorized parties. Authorization: Accessible by those
approved by the resource owner or domain administrator. Availability: Remaining accessible for
authorized use Authentication: Provides assurances that the identity of a principal involved in a
transaction is as asserted Accountability: The ability to identify principals responsible for past actions
Threat model:
Describe Diffie-Hellman key exchange protocol (draw a diagram if needed). What is the main problem
with the original Diffie-Hellman protocol?
What is system correctness and system security. What is the main difference between them?
Define forward secrecy, what is the goal of forward secrecy? How using ephemeral public keys helps in
achieving forward secrecy?
Question 9 Describe STS (station-to-station) protocol (draw a diagram if Not yet needed). What
limitations of the original Diffie-Hellman protocol does it answered address? Provide a short analysis of
the STS protocol.
Describe eavesdropping attack. How would you mitigate it?
3 Describe Kill-bots defense mechanism. What kind of attacks it protects from and how?
Give definition of cryptographic protocol
Describe DNS amplification attack. Draw a diagram if needed. How would you prevent this attack?
When designing a secure system, you need to think about three aspects. The 2 3 4 5 first one is security
goal. What are the other two?
�1. Describe Reflection attack?
2. Describe ICMP Flood/SMURF attack. Draw a diagram if needed. How to prevent this attack?
3. Describe SYN flood attack. Draw a diagram. What is IP address spoofing and why it's important in SYN
flood attack? What is secondary victim in SYN flood attack?
4. What is system correctness and system security. What is the main difference between them?
5. Describe Kill-bots defense mechanism. What kind of attacks it protects from and how?
6. With cryptographic protocols, one should use a new session key for each new session. Why? What are
the two security implications of using the same master key instead of new session keys to encrypt all
data communications between two parties?
7. Describe two common defense mechanisms against SYN flood attacks?
8. Consider a key exchange protocol as shown on Figure1. The protocol allows two users A (Alice) and B
(Bob) to agree on anew session key KAB. Session keys are generated by server S. In order to mitigate
eavesdropping attacks, each user of the system shares a long-term key with the server (i.e. A shares a
long-term secret key K with server S, B shares a long-term key K with server S.) In order to obtain a new
session key, Alice sends her and Bob's IDs to the server. The server then replies to Alice with a new
session key encrypted with Alice's and Bob's long-term keys. Alice then forwards the encrypted key to
Bob. Consider an attacker Carol, who is also a user of the system. Carol can intercept and modify any
protocol message.
• Describe how Carol can trick Alice to share a session key with her instead of Bob. Describe the attack,
draw a diagram.
• How would you prevent this specific attack?
8. When designing a secure system, you need to think about three aspects. The first one is security goal.
What are the other two?
9. Data confidentiality and data integrity can be addressed using encryption and adding Message
Authentication Codes (MAC) to protocol messages. In what order should one apply these operations?
10. Describe STS (station-to-station) protocol (draw a diagram if needed). What limitations of the original
Diffie-Hellman protocol does it addresses? Provide a short analysis of the STS protocol?
11. What are the common security goals of cryptographic protocols? Give one-sentence definition of
each goal.
12. Describe Replay attack. How would you mitigate it?
13. Describe Denial of Service attack. How would you mitigate it?
14. Give definition of cryptographic protocol.
15
�Midterm questions:
1.Describe STS (station-to-station) protocol (draw a diagram if needed).What limitations of the original
Diffie-Hellman protocol does it address?Provide a short analysis of the STS protocol.
2.Define Distributed Denial of Service attack. What is the goal of DDoSattacks? How an attacker conducts
this attack (what victim's resourcesare targeted)? What are the common DDoS defense challenges?
3.Data confidentiality and data integrity can be addressed using encryption and adding
MessageAuthentication Codes (MAC) to protocol messages. In what order should one apply these
operations?
4.What tool an attacker can use to find a path to the target server in Crossfire attack? Explain how this
tool works.
5.Describe Kill-bots defense mechanism. What kind of attacks it protects from and how?
6.Each pair of bots in a botnet can exchange traffic at the maximum speed of 5 MB/sec. What is the
minimum number of bots the botnet should have in order to overload a 1000 MB/sec target link in a
Coremelt attack? Explain. (No points if the numerical answer is wrong/missing). - Answer: 21
7.Describe eavesdropping attack. How would you mitigate it?
8.Describe ICMP Flood/SMURF attack. Draw a diagram if needed. How to prevent this attack?
9.What is system correctness and system security. What is the main differencebetween them?
10.Describe DNS amplification attack. Draw a diagram if needed. How would you prevent this attack?
11. Give definition of cryptographic protocol.
12.Describe Reflection attack.
13.Define forward secrecy, what is the goal of forward secrecy? How usingephemeral public keys helps in
achieving forward secrecy?
14.Consider a key exchange protocol as shown on Figure1. The protocol allows two users A (Alice) and B
(Bob) to agree on a new session key KAB . Session keys are generated by server S. In order to mitigate
eavesdropping attacks, each user of the system shares a long-term key with the server (i.e. A shares a
long-term secret key KASwith server S, B shares a long-term key KBS with server S.) In order to obtain a
new session key, Alice sends her and Bob's ID's to the server. The server then replies to Alice with a new
session key encrypted with Alice's and Bob's long-term keys. Alice then forwards the encrypted key to
Bob. Consider an attacker Carol, who is also a user of the system. Carol is able to intercepts and modify
any protocol message. •Describe how Carol can trick Alice to share a session key with her instead of Bob.
Describe the attack, draw a diagram. • How would you prevent this specific attack?
15.What are the security goals of Off-the-Record (OTR) protocol? Provide protocol overview. What are
the three main steps of the protocol?
